Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Activities of Super Long Term Support
Kernel Workgroup in Civil
Infrastructure Platform Project
Pavel Machek
CIP Kernel Ma...
About Us
• Pavel Machek <pavel@denx.de>
• Cooperating with Denx
• Kernel hacker
• 4096R/92DFCE96
• 4FA7 9EEF FCD4 C44F C58...
Civil Infrastructure
https://www.airpano.com/360Degree-VirtualTour.php?3D=San-Francisco-
USA
Embedded Linux Conference Eur...
The key challenges
Industrial
grade
Sustainability
Security
• Apply IoT concepts to
industrial systems.
• Ensure quality a...
CIP is the Solution
Embedded Linux Conference Europe 2019 5
• Product life-cycles of decades
• Backwards compatibility
• S...
CIP is the Solution
Embedded Linux Conference Europe 2019 6
CIP Core packages
(tens)
CIP kernel
(10+ years maintenance, ba...
UserspaceKernelspace
Linux Kernel
App container
infrastructure (mid-term)
App Framework
(optionally, mid-term)
Middleware/...
Super Long Term Support Kernel Workgroup
• The first action taken by the CIP project is to select and maintain Linux
kerne...
Policy and Progress
Embedded Linux Conference Europe 2019 9
Current LTS Versions (Retrieved 22nd, Oct 2019)
Embedded Linux Conference Europe 2019 10
Version Maintainer Released Proje...
CIP SLTS Kernel Development (Upstream First Development)
• Goal
• Providing CIP kernels with more
than 10 years maintenanc...
Introduction to CIP Kernel Team Member
• Chairperson
• SZ Lin (林上智)
• Maintainer
• Nobuhiro Iwamatsu
• Pavel Machek
• Ment...
Current SLTS Versions (Retrieved 22nd, Oct 2019)
Embedded Linux Conference Europe 2019 13
Version Maintainer First Release...
CIP SLTS Kernel Development
Maintenance Policy
• https://wiki.linuxfoundation.org/civilinfrastructureplatform/cipkernelmai...
CIP SLTS Kernel Development
Out-of-tree drivers
• In general, all out-of-tree drivers are unsupported by CIP
• Users can u...
Feature backports
CIP SLTS Kernel Development
Embedded Linux Conference Europe 2019 16
Mainline
Stable 4.4.y
4.4
EOL
CIP S...
The Sources of CIP Patches
Embedded Linux Conference Europe 2019 17
CIP patches
Stable patches
Backported
patches
cip-dev@...
Patches Review
Embedded Linux Conference Europe 2019 18
Stable Patches Review Participation
Embedded Linux Conference Europe 2019 19
Stable patches
Review Stable Patches
Stable Patches Review Participation
Embedded Linux Conference Europe 2019 20
Stable patches
Kernel 4.4
Kernel 4.19
Review ...
Stable Patches Review Participation
Embedded Linux Conference Europe 2019 21
Stable patches
Review Stable Patches
> --- a/...
Difference Between -stable Kernel Rules and Rules Imposed in Practice
a) It or an equivalent fix must already exist in Lin...
CIP Kernel Team Contribution to Upstream Statistics (Retrieved 25th , Oct 2019)
Embedded Linux Conference Europe 2019 23
6...
CIP Members Patches Review Participation
Embedded Linux Conference Europe 2019 24
CIP member
patches
[cip-dev] [PATCH 4.4-...
Feature Backported Patches Statistics in CIP Kernel
Embedded Linux Conference Europe 2019 25
617
436
0
100
200
300
400
500...
CIP SLTS Real-time Support
Stable-rt
CIP SLTS-rt
+PREEMPT_RT Follow the CIP SLTS with
PREEMPT_RT patch
Validate by CIP mem...
CIP SLTS Real-time Support
• CIP has become a Gold Member of the
Real Time Linux Project
• What’s next
• Work together wit...
CIP SLTS Kernel Release Policy
Embedded Linux Conference Europe 2019 28
Release regularly Release on demand
Release 4.19 t...
CIP Kernel and Real-time Kernel Release Statistics
Embedded Linux Conference Europe 2019 29
15
14
9
38
42
3
17
5
25
26
0 0...
Introduction to "cip-kernel-sec”
• This project tracks the status of security issues, identified by CVE ID, in
mainline, s...
The Maintenance Scope of "cip-kernel-sec” – “cip-kernel-config”
• The security issues are determined to be fixed base on k...
CVE Issue Format - Supported by CIP
Embedded Linux Conference Europe 2019 32
Issue Format - YAML
CVE Issue Format – Unsupported by CIP
Embedded Linux Conference Europe 2019 33
Introduction to "classify-failed-patches"
• This project tracks the status of failed patches, and classifies patches into
...
Introduction to "classify-failed-patches"
Embedded Linux Conference Europe 2019 35
Applied patches
To be Applied
Patches
Testing
Embedded Linux Conference Europe 2019 36
CIP Testing Talk at CIP Mini Summit
• Thursday in CIP Mini Summit
• 8:00 – 13:00 @ Lyon Convention Centre
Embedded Linux C...
Summary
• Routine tasks
• The frequency of CIP kernel release
• The kernel of
• 4.4 will be released at least once and 4.1...
Weekly Regular Online Meeting
• CIP IRC weekly meeting – Every Thursday UTC (GMT) 09:00
• Channel:
* irc:chat.freenode.net...
CIP Kernel Workgroup Repository
• CIP Linux kernel & real-time kernel
• https://git.kernel.org/pub/scm/linux/kernel/git/ci...
Contact Information and Resources
To get the latest information, please contact:
• CIP Mailing List: cip-dev@lists.cip-pro...
CIP Talks at ELCE, CIP Mini Summit, and ATS
• Today (ELCE)
• 15:15 @ Tête d'Or 2 (CIP)
Open Source Projects to Live long a...
Please Visit CIP Booth!
Embedded Linux Conference Europe 2019 43
Place: FORUM 4/5 Sponsor Showcase
“CIP mini-summit” will ...
Join us
CIP for sustainable Smart Cities with Open Source Software
Embedded Linux Conference Europe 2019
Question?
Embedded Linux Conference Europe 2019
Thank you
Embedded Linux Conference Europe 2019
References
• How to make Smart Cities stay smart with Open Source Projects, OSS-J
2019, Yoshitake Kobayashi
• The Activity...
Prochain SlideShare
Chargement dans…5
×

[ELCE] Activities of super long term support kernel workgroup in civil infrastructure platform project

146 vues

Publié le

In this presentation, we share the current status of CIP kernel team

Publié dans : Logiciels
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

[ELCE] Activities of super long term support kernel workgroup in civil infrastructure platform project

  1. 1. Activities of Super Long Term Support Kernel Workgroup in Civil Infrastructure Platform Project Pavel Machek CIP Kernel Maintainer, Denx SZ Lin (林上智) CIP Kernel Working Group Chairperson and TSC Representative, Moxa Inc. ELCE 2019, France, 29th Oct.
  2. 2. About Us • Pavel Machek <pavel@denx.de> • Cooperating with Denx • Kernel hacker • 4096R/92DFCE96 • 4FA7 9EEF FCD4 C44F C585 B8C7 C060 2241 92DF CE96 • SZ Lin (林上智) <sz.lin@moxa.com> • Working for Moxa Inc. • Debian developer • Contribute to Linux and other OSS projects • 4096R/9561F3F9 • 178F 8338 B314 01E3 04FC 44BA A959 B38A 9561 F3F9 Embedded Linux Conference Europe 2019 2
  3. 3. Civil Infrastructure https://www.airpano.com/360Degree-VirtualTour.php?3D=San-Francisco- USA Embedded Linux Conference Europe 2019 3
  4. 4. The key challenges Industrial grade Sustainability Security • Apply IoT concepts to industrial systems. • Ensure quality and longevity of products. • Keep millions of connected systems secure. • Product life-cycles of decades • Backwards compatibility • Standards • Reliability • Functional Safety • Real-time capabilities • Security & vunerability managment • Firmware updates • Minimize risk of regressions Embedded Linux Conference Europe 2019
  5. 5. CIP is the Solution Embedded Linux Conference Europe 2019 5 • Product life-cycles of decades • Backwards compatibility • Standards • Reliability • Functional Safety • Real-time capabilities • Security & vunerability managment • Firmware updates • Minimize risk of regressions Industrial grade Sustainability Security
  6. 6. CIP is the Solution Embedded Linux Conference Europe 2019 6 CIP Core packages (tens) CIP kernel (10+ years maintenance, based on LTS kernels) additional packages (hundreds) company-specific middleware and applications Establishes an “Open Source Base Layer (OSBL)”
  7. 7. UserspaceKernelspace Linux Kernel App container infrastructure (mid-term) App Framework (optionally, mid-term) Middleware/Libraries Safe & Secure Update Monitoring Domain Specific communication (e.g. OPC UA) Shared config. & logging Real-time support Real-time / safe virtualization Tools Concepts Build environment (e.g. bitbake, dpkg) Test automation Tracing & reporting tools Configuration management Device management (update, download) Functional safety architecture/strategy, including compliance w/ standards (e.g., NERC CIP, IEC61508) Long-term support Strategy: security patch management Standardization collaborative effort with others License clearing Export Control Classification On-device software stack Product development and maintenance Application life- cycle management Security Multimedia Super Long Term Supported Kernel (STLS) 1 3 2 CIP Core Packages4 4 1 4 56 The Scope of CIP Embedded Linux Conference Europe 2019 7
  8. 8. Super Long Term Support Kernel Workgroup • The first action taken by the CIP project is to select and maintain Linux kernels for very long time (10+ years). • Applying the PREEMPT_RT patch to CIP Kernel, then maintaining as CIP- RT. Embedded Linux Conference Europe 2019 8 SLTS kernel Real-time Testing CIP Core Security WG(*) Software update WG 1 32 4 5 6 (*): Workgroup ✔ ✔ ✔ ✔ ✔ ✔ Industrial grade ✔ ✔ ✔ ✔ Sustainability ✔ ✔ ✔ ✔ ✔ Security CIP Projects and its scopes
  9. 9. Policy and Progress Embedded Linux Conference Europe 2019 9
  10. 10. Current LTS Versions (Retrieved 22nd, Oct 2019) Embedded Linux Conference Europe 2019 10 Version Maintainer Released Projected EOL 5.4 Greg Kroah-Hartman & Sasha Levin 2019-XX-XX Dec, 2021 4.19 Greg Kroah-Hartman & Sasha Levin 2018-10-22 Dec, 2020 4.14 Greg Kroah-Hartman & Sasha Levin 2017-11-12 Jan, 2024 4.9 Greg Kroah-Hartman & Sasha Levin 2016-12-11 Jan, 2023 4.4 Greg Kroah-Hartman & Sasha Levin 2016-01-10 Feb, 2022 3.16 Ben Hutchings 2014-08-03 Apr, 2020
  11. 11. CIP SLTS Kernel Development (Upstream First Development) • Goal • Providing CIP kernels with more than 10 years maintenance period • Super Long Time Stable kernel • Status • LTS review process participation • CIP SLTS kernels release • 4.4.196-cip38 • 4.19.78-cip12 • CIP kernel CVE tracker • CIP kernel failed patches tracker Mainline / LTS Mentor / Maintainer Developers CIP kernel team Review and test results/ Fixes Feature mainlining LTS kernel CIP SLTS kernel 1 1 2 3 1 Upstreaming 2 Merge 3 Integrate and test Embedded Linux Conference Europe 2019 11
  12. 12. Introduction to CIP Kernel Team Member • Chairperson • SZ Lin (林上智) • Maintainer • Nobuhiro Iwamatsu • Pavel Machek • Mentor • Ben Hutchings Embedded Linux Conference Europe 2019 12
  13. 13. Current SLTS Versions (Retrieved 22nd, Oct 2019) Embedded Linux Conference Europe 2019 13 Version Maintainer First Release Latest Release Projected EOL 4.19 Nobuhiro Iwamatsu & Pavel Machek 2019-01-11 • v4.19.13-cip1 2019-10-12 • v4.19.78-cip12 2029+ 4.19-rt Pavel Machek 2019-01-11 • v4.19.13-cip1-rt1 2019-10-02 • v4.19.72-cip10-rt3 2029+ 4.4 Nobuhiro Iwamatsu & Pavel Machek 2017-01-17 • v4.4.42-cip1 2019-10-12 • v4.4.196-cip38 2027+ 4.4-rt Pavel Machek 2017-11-16 • v4.4.75-cip6-rt1 2019-10-02 • v4.4.190-cip36-rt25 2027+
  14. 14. CIP SLTS Kernel Development Maintenance Policy • https://wiki.linuxfoundation.org/civilinfrastructureplatform/cipkernelmai ntenance • Follow the stable kernel development rule as the basis • Validation will be done by CIP test infrastructure and/or members • Feature backports from CIP members are acceptable • All features has to be in upstream kernel before backport to CIP kernel • CIP has “Upstream first” policy • The CIP Project uses the Linux Foundation Developer Certificate of Origin (DCO) Embedded Linux Conference Europe 2019 14
  15. 15. CIP SLTS Kernel Development Out-of-tree drivers • In general, all out-of-tree drivers are unsupported by CIP • Users can use CIP kernel with out-of-tree drivers • If a bug is found in such a modified kernel, users will first demonstrate that it exists in the CIP kernel source release in order for the CIP maintainers to act on it. Embedded Linux Conference Europe 2019 15
  16. 16. Feature backports CIP SLTS Kernel Development Embedded Linux Conference Europe 2019 16 Mainline Stable 4.4.y 4.4 EOL CIP SLTS (linux-4.4.y-cip) Backported patches CIP SLTS (linux-4.19.y-cip) 4.19 Maintained by Iwamatsu and Pavel Stable 4.19.y EOL
  17. 17. The Sources of CIP Patches Embedded Linux Conference Europe 2019 17 CIP patches Stable patches Backported patches cip-dev@lists.cip-project.org  Security issue  Bug fixes  Security issue  Bug fixes  Feature backports
  18. 18. Patches Review Embedded Linux Conference Europe 2019 18
  19. 19. Stable Patches Review Participation Embedded Linux Conference Europe 2019 19 Stable patches Review Stable Patches
  20. 20. Stable Patches Review Participation Embedded Linux Conference Europe 2019 20 Stable patches Kernel 4.4 Kernel 4.19 Review Stable Patches
  21. 21. Stable Patches Review Participation Embedded Linux Conference Europe 2019 21 Stable patches Review Stable Patches > --- a/drivers/infiniband/core/restrack.c > +++ b/drivers/infiniband/core/restrack.c > @@ -209,7 +209,7 @@ void rdma_restrack_del(struct rdma_restr > struct ib_device *dev; > > if (!res->valid) > - return; > + goto out; > > dev = res_to_dev(res); > if (!dev) # return; This test does return, does it need to go through 'goto out', too? (I see it should not happen, but...) > @@ -222,8 +222,10 @@ void rdma_restrack_del(struct rdma_restr > down_write(&dev->res.rwsem); > hash_del(&res->node); > res->valid = false; > + up_write(&dev->res.rwsem); > + > +out: > if (res->task) > put_task_struct(res->task); > - up_write(&dev->res.rwsem); > } Mainline says res->task = NULL is needed there, see fe9bc1644918aa1d. Best regards, Pavel Reviewed by Pavel for 4.19-stable
  22. 22. Difference Between -stable Kernel Rules and Rules Imposed in Practice a) It or an equivalent fix must already exist in Linus' tree (upstream). Enforced. Strong preference is given to merging exactly the same patch as in upstream. b) It must be obviously correct and tested. Preference is given to a): buggy patch is merged, then fix is merged as followup. c) It must fix a real bug that bothers people (not a, "This could be a problem..." type thing). Anything that looks like a bugfix is merged, includes trivial memory leaks that leak few bytes per boot and missing of_node_put(). d) It must fix a problem that causes a build error (...), an oops, a hang, data corruption, a real security issue, or some "oh, that's not good" issue. In short, something critical. Build-time warnings, run-time warnings, confusing printk messages and loglevel changes for printk messages are applied. e) It cannot contain any "trivial" fixes in it (spelling changes, whitespace cleanups, etc). Certainly not enforced. There is preference to taking patches from mainline with no changes. Embedded Linux Conference Europe 2019 22
  23. 23. CIP Kernel Team Contribution to Upstream Statistics (Retrieved 25th , Oct 2019) Embedded Linux Conference Europe 2019 23 62 73 30 0 0 10 20 30 40 50 60 70 80 kernel 4.4 kernel 4.19 Email discussion/ review Patch commits
  24. 24. CIP Members Patches Review Participation Embedded Linux Conference Europe 2019 24 CIP member patches [cip-dev] [PATCH 4.4-cip] ARM: dts: socfpga: Rename socfpga_cyclone5_de0_{sockit, nano_soc} Jan Kiszka [cip-dev] [PATCH 4.4-cip] ARM: dts: socfpga: Rename socfpga_cyclone5_de0_{sockit, nano_soc} Nobuhiro Iwamatsu [cip-dev] [PATCH 4.19.y-cip 0/4] Add USB support Biju Das [cip-dev] [PATCH 4.19.y-cip 0/4] Add USB support Pavel Machek [cip-dev] [PATCH 4.19.y-cip 0/4] Add USB support Pavel Machek Kernel 4.4 Kernel 4.19 Review CIP Member Patches
  25. 25. Feature Backported Patches Statistics in CIP Kernel Embedded Linux Conference Europe 2019 25 617 436 0 100 200 300 400 500 600 700 CIP kernel 4.4 CIP kernel 4.19 Patch commits
  26. 26. CIP SLTS Real-time Support Stable-rt CIP SLTS-rt +PREEMPT_RT Follow the CIP SLTS with PREEMPT_RT patch Validate by CIP members Take over from maintainer 26Embedded Linux Conference Europe 2019 CIP SLTS+PREEMPT_RT (will be separately maintained by CIP members) • CIP kernel tree based on linux-stable-rt and patches from CIP SLTS • Validation will be done by CIP
  27. 27. CIP SLTS Real-time Support • CIP has become a Gold Member of the Real Time Linux Project • What’s next • Work together with the RTL Project • More information • https://wiki.linuxfoundation.org/realtime/rtl/start 27Embedded Linux Conference Europe 2019
  28. 28. CIP SLTS Kernel Release Policy Embedded Linux Conference Europe 2019 28 Release regularly Release on demand Release 4.19 twice a month and 4.4 once a month (Effective June, 2019) • Kernel 4.19 • second and fourth Fridays of the month • Kernel 4.4 • second Friday of the month It depends on critical bug/ security fix Release 4.19-rt once a month and 4.4-rt once every two months (Effective Nov, 2019) Ditto Note: Difficult to estimate actual release date because of number of patches depends on each stable release
  29. 29. CIP Kernel and Real-time Kernel Release Statistics Embedded Linux Conference Europe 2019 29 15 14 9 38 42 3 17 5 25 26 0 0 12 12 16 0 0 3 3 5 0 5 10 15 20 25 30 35 40 45 2017 2018 2019 (Retrieved 27th, Oct) Total (Retrieved 27th, Oct) Total estimated in 2019 v4.4-cip v4.4-cip-rt v4.19-cip v4.19-cip-rt
  30. 30. Introduction to "cip-kernel-sec” • This project tracks the status of security issues, identified by CVE ID, in mainline, stable, and other configured branches. Embedded Linux Conference Europe 2019 30
  31. 31. The Maintenance Scope of "cip-kernel-sec” – “cip-kernel-config” • The security issues are determined to be fixed base on kernel configurations provided by CIP members Embedded Linux Conference Europe 2019 31
  32. 32. CVE Issue Format - Supported by CIP Embedded Linux Conference Europe 2019 32 Issue Format - YAML
  33. 33. CVE Issue Format – Unsupported by CIP Embedded Linux Conference Europe 2019 33
  34. 34. Introduction to "classify-failed-patches" • This project tracks the status of failed patches, and classifies patches into “applied” and “ToApply” types. Embedded Linux Conference Europe 2019 34
  35. 35. Introduction to "classify-failed-patches" Embedded Linux Conference Europe 2019 35 Applied patches To be Applied Patches
  36. 36. Testing Embedded Linux Conference Europe 2019 36
  37. 37. CIP Testing Talk at CIP Mini Summit • Thursday in CIP Mini Summit • 8:00 – 13:00 @ Lyon Convention Centre Embedded Linux Conference Europe 2019 37 Testing Architecture Overview
  38. 38. Summary • Routine tasks • The frequency of CIP kernel release • The kernel of • 4.4 will be released at least once and 4.19 will be released at least twice every month • 4.4-rt will be released at least once every two months and 4.19-rt will be released at least twice a month • Failed patch tracker • Linux kernel CVE tracker • Occasional tasks • Build up kernel and rt-kernel testing • Define and update the wiki for kernel maintenance scope Embedded Linux Conference Europe 2019 38
  39. 39. Weekly Regular Online Meeting • CIP IRC weekly meeting – Every Thursday UTC (GMT) 09:00 • Channel: * irc:chat.freenode.net:6667/cip • The meeting will take 30 min although it can be extended to an hour if it makes sense and those involved in the topics can stay. Otherwise, the topic will be taken offline or in the next meeting. Embedded Linux Conference Europe 2019 39 US-West US-East UK DE TW JP 02:00 05:00 09:00 10:00 17:00 18:00
  40. 40. CIP Kernel Workgroup Repository • CIP Linux kernel & real-time kernel • https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git • CIP Linux kernel CVE tracker • https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec • CIP Linux kernel failed patches tracker • https://gitlab.com/cip-project/cip-kernel/classify-failed-patches Embedded Linux Conference Europe 2019 40
  41. 41. Contact Information and Resources To get the latest information, please contact: • CIP Mailing List: cip-dev@lists.cip-project.org Other resources • Twitter: @cip_project • CIP Web Site: https://www.cip-project.org • CIP News: https://www.cip-project.org/news/in-the-news • CIP Wiki: https://wiki.linuxfoundation.org/civilinfrastructureplatform/ • CIP Source Code • CIP repositories hosted at kernel.org: https://git.kernel.org/pub/scm/linux/kernel/git/cip/ • CIP GitLab: https://gitlab.com/cip-project Embedded Linux Conference Europe 2019
  42. 42. CIP Talks at ELCE, CIP Mini Summit, and ATS • Today (ELCE) • 15:15 @ Tête d'Or 2 (CIP) Open Source Projects to Live long and Prosper: Linux for Smart Infrastructure and Industry - Yoshitake Kobayashi, Toshiba Corporation & Urs Gleim, Siemens AG • Thursday in CIP Mini Summit • 8:00 – 13:00 @ Lyon Convention Centre • https://www.cvent.com/Events/Register/RegNumConfirmation.aspx?e=66d78d44- 9d3c-4c92-85fa-a87ef8e8b62b&_ga=2.224040339.985516515.1571730868- 505872952.1553045385 • Thursday in Automated Testing Summit (ATS) • 15:10 @ Rhone 3AB (CIP Testing) A Guide to CIP Testing - Chris Paterson, Renesas Electronics Europe & Michael Adler, Siemens AG Embedded Linux Conference Europe 2019
  43. 43. Please Visit CIP Booth! Embedded Linux Conference Europe 2019 43 Place: FORUM 4/5 Sponsor Showcase “CIP mini-summit” will be held on Oct. 31th (Thu), but sold out already, thank you!
  44. 44. Join us CIP for sustainable Smart Cities with Open Source Software Embedded Linux Conference Europe 2019
  45. 45. Question? Embedded Linux Conference Europe 2019
  46. 46. Thank you Embedded Linux Conference Europe 2019
  47. 47. References • How to make Smart Cities stay smart with Open Source Projects, OSS-J 2019, Yoshitake Kobayashi • The Activity of the Security Working Group in the CIP Project, OSS-J 2019, Takehisa Katayama • Debian and Yocto Project based Long-term Maintenance Approaches for Embedded Products, ELCE 2019, Jan Kiszka and Kazuhiro Hayashi Embedded Linux Conference Europe 2019 47

×